Welcome to an OWASP Sweden seminar March 20, with Jim Manico. Book your seat at [https://owaspsweden200312.eventbrite.com/ Eventbrite].

+

+

This event will be in English.

+

+

Sponsors for this event are:

+

* F5 who is sponsoring for Jim's travel and hotel

+

* .SE sponsoring with the venue

+

* Cybercom who will supply you with beverage and snacks during the evening

+

+

The Speaker

+

Jim Manico is a profile in the OWASP community working with the OWASP podcasts and ESAPI amongst other things. During march he is doing a nordic tour and will be visiting the chapters in Finland, Sweden, Norway and Denmark and we have the pleasure of welcoming him to Stockholm on March 20.

+

Read more on the OWASP webpage https://www.owasp.org/index.php/User:Jmanico

+

+

Abstract for Jim´s talk:

+

+

'''Web Application Access Control Design Excellence'''

+

+

Access Control is a necessary security control at almost every layer within a web application. This talk will discuss several of the key access control anti-patterns commonly found during website security audits. These access control anti-patterns include hard-coded security policies, lack of horizontal access control, and "fail open" access control mechanisms. In reviewing these and other access control problems, we will discuss and design a positive access control mechanism that is data contextual, activity based, configurable, flexible, and deny-by-default - among other positive design attributes that make up a robust web-based access-control mechanism.

+

+

'''OWASP Sweden SSL Day, Stockholm, November 23 2011'''

+

OWASP Sweden, Stockholm branch is happy to announce a full-day on the topic of SSL in cooperation with Internetdagarna

Mario Heiderich works as a researcher for the Ruhr-University in Bochum, Germany and currently focuses on HTML5, SVG security and security implications of the ES5 specification draft while finishing his PhD thesis.

+

+

We're very happy to invite Mario to OWASP Sweden in March. His two talks will be given in English at Royal Institute of Technology (KTH).

+

+

Get your ticket now at [http://marioheiderich.eventbrite.com/ Eventbrite].

+

+

Mario's slides:<br>

+

[[Media:Mario_Heiderich_OWASP_Sweden_The_image_that_called_me.pdf‎]] "The Image That Called Me" on SVG security<br>

+

[[Media:Mario_Heiderich_OWASP_Sweden_Locking_the_throneroom.pdf‎]] "Locking the Throneroom" on locking the DOM to eradicate XSS

[http://www.omegapoint.se Omegapoint] are sponsors and there will be lighter food and beers.

+

+

'''OWASP Sweden reaches 500 members ... and gets three leaders'''

+

OWASP Sweden now has a stunning 500 members on the mailing list. From now the chapter will be lead by three co-leaders: John Wilander, Mattias Bergling, and Robert Malmgren.

+

'''OWASP Sweden invites Samy Kamkar, October 4, 2010'''

'''OWASP Sweden invites Samy Kamkar, October 4, 2010'''

−

Samy Kamkar, famous for the [http://en.wikipedia.org/wiki/Samy_(XSS) Samy XSS attack on MySpace] in 2005 will be giving a talk for OWASP Sweden on October 4, 5:30 pm - 22 pm. We will be in Stockholm but the venue is yet to decide.

+

Samy Kamkar, famous for the [http://en.wikipedia.org/wiki/Samy_(XSS) Samy XSS attack on MySpace] in 2005 will be giving a talk for OWASP Sweden on October 4, 5:30 pm - 22 pm. We will be in Ljusgården, Årstaängsvägen 19, Marievik/Liljeholmen, Stockholm ([http://www.hitta.se/LargeMap.aspx?var=%c5rsta%e4ngsv%e4gen+19%2c+Liljeholmen%2fMarievik%2c+Stockholm map]).

+

+

Nexus Safe and Data@UrService are sponsors and there will be lighter food and beers.

+

+

[[Media:OWASP_Sweden_Samy_Kamkar_oktober_2010.pdf]]

Go to [http://samykamkar.eventbrite.com/ EventBrite] and register for free now!

Go to [http://samykamkar.eventbrite.com/ EventBrite] and register for free now!

Line 19:

Line 89:

Go to [http://communityhack2.eventbrite.com/ EventBrite] and register for free now!

Go to [http://communityhack2.eventbrite.com/ EventBrite] and register for free now!

+

+

+

'''OWASP AppSec Research 2010 in Stockholm, June 21-24 2010'''

+

June 21-24, 2010 appsec people will meet in beautiful Stockholm, Sweden. The OWASP chapters in Sweden, Norway, and Denmark together with Stockholm University host the [http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden OWASP AppSec Research 2010].

Line 123:

Line 197:

Are you interested in helping out? Do you have ideas for great invited speakers or workshop meetings? Feel free to contact the chapter.

Are you interested in helping out? Do you have ideas for great invited speakers or workshop meetings? Feel free to contact the chapter.

OWASP Sweden

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Welcome to an OWASP Sweden seminar March 20, with Jim Manico. Book your seat at Eventbrite.

This event will be in English.

Sponsors for this event are:

F5 who is sponsoring for Jim's travel and hotel

.SE sponsoring with the venue

Cybercom who will supply you with beverage and snacks during the evening

The Speaker
Jim Manico is a profile in the OWASP community working with the OWASP podcasts and ESAPI amongst other things. During march he is doing a nordic tour and will be visiting the chapters in Finland, Sweden, Norway and Denmark and we have the pleasure of welcoming him to Stockholm on March 20.
Read more on the OWASP webpage https://www.owasp.org/index.php/User:Jmanico

Abstract for Jim´s talk:

Web Application Access Control Design Excellence

Access Control is a necessary security control at almost every layer within a web application. This talk will discuss several of the key access control anti-patterns commonly found during website security audits. These access control anti-patterns include hard-coded security policies, lack of horizontal access control, and "fail open" access control mechanisms. In reviewing these and other access control problems, we will discuss and design a positive access control mechanism that is data contextual, activity based, configurable, flexible, and deny-by-default - among other positive design attributes that make up a robust web-based access-control mechanism.

Mario Heiderich works as a researcher for the Ruhr-University in Bochum, Germany and currently focuses on HTML5, SVG security and security implications of the ES5 specification draft while finishing his PhD thesis.

We're very happy to invite Mario to OWASP Sweden in March. His two talks will be given in English at Royal Institute of Technology (KTH).

OWASP Sweden now has a stunning 500 members on the mailing list. From now the chapter will be lead by three co-leaders: John Wilander, Mattias Bergling, and Robert Malmgren.

OWASP Sweden invites Samy Kamkar, October 4, 2010

Samy Kamkar, famous for the Samy XSS attack on MySpace in 2005 will be giving a talk for OWASP Sweden on October 4, 5:30 pm - 22 pm. We will be in Ljusgården, Årstaängsvägen 19, Marievik/Liljeholmen, Stockholm (map).

Nexus Safe and Data@UrService are sponsors and there will be lighter food and beers.

The first weekend of September OWASP Sweden together with FOSS Sthlm invite our members to Community Hack II in Stockholm. A full weekend of hacking on open projects, testing new security hacks, trying out tools (for instance the favorite OWASP tool you've always wanted to learn), or writing new, open guidelines.

Omegapoint invites us to discuss the release candidate of OWASP Top 10 2010 that was presented at OWASP AppSec DC November 13th. The invitation in Swedish is found File:OWASP Sweden Top 10 december 2009.pdf.
Don't forget to send an email to John Wilander (john.wilander@owasp.org) no later than November 23rd to say you're coming. Seats usually fill up fast.

OWASP AppSec Research 2010, June 21-24 in Stockholm, Sweden

OWASP Sweden, Norway, and Denmark invite you to OWASP AppSec Research 2010, June 21-24 in Stockholm. Read more on the conference wiki page.

OWASP-Sweden Meeting April 28th 2009 -- Code Analysis and Review

The second chapter meeting of 2009 will be held on Tuesday April 28th at Clarion Hotel Stockholm. The focus is code analysis and code review. Fortify sponsors the event and welcome the chapter members to refreshments, starting at 17.30.

The program:

Fredrik Möller (Fortify) will biefly present Fortify and their support of OWASP

David Anumudu (Fortify) will present and do a live demo of Fortify Solution

James Dickson (Simovits Consulting) will give a talk on code review

Don't forget to send an email to John Wilander (john.wilander@omegapoint.se) no later than April 23rd to say you're coming. We need to know how many will turn up.

OWASP-Sweden Meeting March 26th 2009 -- XSS & CSRF

The first meeting of 2009 will be held Thursday March 26th at LabCenter, Oxtorgsgränd 2, Stockholm. The focus is cross-site scripting and cross-site request forgery, attacks and countermeasures. Inspect it and LabCenter sponsor the event and welcome the chapter members to refreshments, starting at 17.00.

The program:

Hasain Alshakarti, TrueSec: "XSS & CSRF -- A Deadly Cocktail"

Sergio Molero, Concrete IT: "Skydd mot XSS och CSRF"

Don't forget to send an email to Mattias Bergling (mattias.bergling@inspectit.se) no later than March 23rd to say you're coming. We need to know how many will turn up.

OWASP-Sweden Meeting November 19th 2008 -- PCI DSS

The next chapter meeting is Wednesday November 19th. The focus of the seminars is on PCI-DSS, i.e. security in payment card handling on the Internet.
The program:

The meeting is fully booked. But do send an email to John Wilander (john.wilander@omegapoint.se) to say you're interested and we'll let you know if seats become available.

OWASP Sweden Hosts the OWASP AppSec Europe Conference 2010

We're hosting the European OWASP AppSec conference in 2010! Please read the announcement.

OWASP-Sweden Meeting October 6th 2008 -- Security in the Open Source Process

The next chapter meeting is Monday October 6th at Clarion Hotel Stockholm (Skanstull). The focus of the seminars will be on "Security in the Open Source Process". Refreshments will be served from 16:30 and the seminars will commence at 17:30. Except for a closing panel discussion the program contains the following:

Don't forget to send an email to Robert Malmgren (anmalan@romab.com) no later than September 29th to say you're coming. We need to know how many will turn up.

OWASP-Sweden Meeting May 27th 2008 - SQL Injection, Web Scarab

OWASP-Sweden welcomes its members to the next chapter meeting - Tuesday May 27th at Clarion Hotel Stockholm. Refreshments will be served from 17:00, demos will be shown from 17:30, and the seminars will commence at 18:00. The main attractions are:

Don't forget to send an email to Mattias Bergling (mattias.bergling@inspectit.se) no later than May 21st to say you're coming. We need to know how many will turn up.

Kick-Off Meeting for OWASP-Sweden April 1st 2008

The OWASP-Sweden kick-off will be held at WTC in Stockholm on April 1st. Yeah, it's April Fool's Day but we go under the tagline "Application Security is Not a Joke". The presentation program includes:

Andrei Sabelfeld, well-known security researcher from Chalmers

Michael Anderberg, Chief Security Advisor at Microsoft Sweden

Per Mellstrand, software analyst at Sony Ericsson and researcher at Blekinge Institute of Technology

Don't forget to send an email to John Wilander (john.wilander@omegapoint.se) no later than March 27 to say you're coming. We need to know how many will turn up.

We're kicking off!

OWASP-Sweden in Computer Sweden - 08:44, 19 Dec 2007 (EDT)

Today the Swedish national IT newspaper 'Computer Sweden' published an article on the new OWASP-Sweden chapter - Mecka för säker programmering till Sverige, or A Mecka for Secure Programming Reaches Sweden in English. While OWASP is more than a programmer's guide, Mattias Bergling and I are very happy to get the news out to a large part of Sweden's IT industry.

Finally, Sweden has joined the OWASP movement and John Wilander, the local chapter leader, welcomes members to the Stockholm-based OWASP-Sweden. Please, join our mailing list. Plans for meetings and seminars will be made.

Are you interested in helping out? Do you have ideas for great invited speakers or workshop meetings? Feel free to contact the chapter.